Hellsing Targeted Attacks

VIRUS DEFINITION

Virus Type: Advanced Persistent Threat (APT)

What is Hellsing?

Hellsing is a small cyberespionage group targeting mostly government and diplomatic organizations in Asia. Deeper analysis of the Hellsing threat actor by Kaspersky Lab reveals a trail of spear-phishing emails with malicious attachments designed to propagate espionage malware among different organizations. If a victim opens the malicious attachment, their system becomes infected with a custom backdoor capable of downloading and uploading files, updating and uninstalling itself.

Who are the victims of these attacks?

Kaspersky Lab has detected and blocked Hellsing malware in Malaysia, the Philippines, India, Indonesia and the US, with most of the victims located in Malaysia and the Philippines.

Am I at risk?

You might be a target of Hellsing if the following risk factors are familiar to you:

Risk factors:

If you work for/with governments in APAC

If you receive and read hundreds of emails, open attachments

If you have received suspicious .scr files Inside RAR/ZIP archives, with password